Filtered by vendor Google
Subscribe
Total
13548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-4440 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4439 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: High)
|
|||||
| CVE-2022-4438 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4437 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4436 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4195 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings via a malicious file. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4194 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Accessibility in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4193 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4192 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4191 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4190 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4189 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4188 | 1 Google | 2 Android, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4187 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4186 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4185 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4184 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient policy enforcement in Autofill in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4183 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient policy enforcement in Popup Blocker in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4182 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Fenced Frames in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-4181 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4180 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
|
|||||
| CVE-2022-4179 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
|
|||||
| CVE-2022-4178 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4177 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)
|
|||||
| CVE-2022-4176 | 1 Google | 3 Chrome, Chrome Os, Linux And Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High)
|
|||||
| CVE-2022-4175 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4174 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-4025 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)
|
|||||
| CVE-2022-48464 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48463 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48462 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48461 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2022-48460 | 2 Google, Unisoc | 13 Android, Sc7731e, Sc9832e and 10 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48459 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48458 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48457 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48456 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2022-48455 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48454 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2022-48453 | 2 Google, Unisoc | 2 Android, Sc7731e | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||